Ransomware attacks

Early Friday morning the world experienced the year’s latest cyberattack. The ransomware attacks hit banks, hospitals, and companies in 150 countries. Huge organisations were compromised, including FedEx in the US, Renault factories in France and the NHS in the UK. In Germany, train arrival and departure boards were hacked and had to be replaced by chalk and blackboards.

Microsoft says the attacks, which hit 200,000 computers worldwide, should be a ‘wake-up call’, and there are concerns that the full effect of the attack are yet to be recognised. The viruses hit on Friday at a time when many people had already left work, meaning potentially damaging emails could have been opened as computers were switched on this morning.

Ransomware is a program that locks a computers files until a ransom is paid, often through Bitcoin, and although it’s not new, there’s never been an attack on this scale before. How profitable it was for those behind the virus is unknown, but the figures seen by the BBC implied that most victims hadn’t paid anything. The NHS had most of their machines up and running again by Saturday morning but hasn’t revealed what they did in order to achieve this.

The WannaCry virus involved infects only machines running Windows operating systems, and homeowners aren’t thought to be at much risk. However, precautions can be taken by updating software and ensuring files are backed up.

The quick spread of this virus comes because unlike most malicious programs, WannaCry has the ability to move around networks without being opened. It has been likened to a vomiting bug in the way it spreads. It’s not yet known who is behind the attack, but experts say that the malware involved wasn’t particularly sophisticated. This, along with the low number of Bitcoin wallets used, suggests it won’t have been a large criminal gang.

The National Health Service has been one of the worst-affected bodies in the global ransomware attack

Worldwide, the virus affected varying countries differently. It tried to infect more computers in Russia than anywhere else, while computers at nearly 30,000 institutions and organisations were affected in China. In the UK, however, The National Health Service has been one of the worst-affected bodies.

Ben Wallace, the UK’s cyber-security minister, said that over the weekend IT staff had worked in NHS trusts across the country to restore data from back-up and install security patches to cope with the attack. He said, ‘Hopefully this has stabilised and today and for the rest of the week services will return to normal.’

Attacks like this are not unexpected, and last year the UK put nearly two billion pounds aside to improve cyber-security, but Klisman Murati, a counter-terrorism and security analyst says this attack shows ‘a lot needs to be done to make sure this money’s put to good use’.

There has been some controversy and criticism surrounding Health Minister Jeremy Hunt in the aftermath of the attack. He was warned last summer that NHS organisations were at risk of cyber-attacks and it was becoming a bigger concern as the NHS switched from paper to digital medical records and systems. They warned of increasing numbers of unsolicited emails containing ‘malware’ or hidden software, designed to cause harm, in global circulation, and recommended that computer hardware and software be updated. However it appears many hospitals were still using outdated systems.

There’s no doubt that cyber-attacks are a problem that isn’t going to disappear. Nicole Eagen has said that in a world where criminals sell tools on the dark web, cyber security has become something of ‘an arms race.’

In the short term, the quick recovery of the NHS to becoming fully functional is arguably the biggest and most important news, but for those involved in international security, this incident will be cause for concern. A spokesman for Number 10 said: ‘It is much as it was at the moment but we’ve also said this is a very complex issue and we need to keep abreast of what’s happening.’

Many people have expressed concerns that these dangers should have been heeded earlier, and a scare like this shouldn’t have been needed – evoking the simple lesson: ‘failing to prepare is preparing to fail’ – so for those involved in cyber-security in the future, getting ahead of the game, and understanding advancing technology and the threats around it will be an urgent priority.